-
CVE-2022-27511, CVE-2022-27512: Patches for Two Citrix Application Delivery Management Vulnerabilities
PRIVACY PRIVACY CVE-2022-27511, CVE-2022-27512: Patches for Two Citrix Application Delivery Management Vulnerabilities Citrix patches a “nasty bug” in its Application Delivery Management solution that is difficult to exploit. Background On June 14, Citrix published a security bulletin (CTX460016) for a pair of vulnerabilities in Citrix Application Delivery Management (ADM), a centralized management solution used to…
-
WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability
PRIVACY PRIVACY The code injection vulnerability allowed attackers to call methods in various Ninja Forms classes Read More
-
QNAP warns of new DeadBolt ransomware attack locking up NAS devices
PRIVACY PRIVACY Owners of NAS drives manufactured by QNAP have been advised that the company is “thoroughly investigating” reports that a new variant of the DeadBolt ransomware is targeting devices, locking up data and demanding victims pay a fee to extortionists. Read more in my article on the Hot for Security blog. Read More
-
NinjaForms WordPress plugin, actively exploited in wild, receives forced security update
PRIVACY PRIVACY A critical vulnerability in a WordPress plugin used on over one million websites has been patched, after evidence emerged that malicious hackers were actively exploited in the wild. Read More
-
Tracking People via Bluetooth on Their Phones
PRIVACY PRIVACY We’ve always known that phones—and the people carrying them—can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. This new research shows that that’s not enough. Computer scientists at the University of California San Diego proved in a study published May 24 that minute imperfections in…
-
Big tech platforms sign up to the EU Commission’s new Code of Practice on Disinformation
PRIVACY PRIVACY Major technology platforms have joined 34 signatories in committing to the EU Commission’s attempts to fight online disinformation by removing financial incentives and empowering researchers and fact checkers. Read More
-
Cybersecurity Snapshot: 6 Things That Matter Right Now
PRIVACY PRIVACY Key vulnerabilities you can’t ignore. Best practices to improve operational technology (OT) cybersecurity. A reality check on shift left, DevSecOps and cloud security. Tackling the security skills gap. Healthcare data breaches. And much more! The cybersecurity world is perennially noisy. Security pros must continually process headline-grabbing hacks, vulnerability disclosures, stern regulations and expert…
-
Experts Discuss Next Steps in Trust, Privacy and Security
PRIVACY PRIVACY The complex interrelation between trust, privacy and cybersecurity was discussed by experts during Okta Forum 2022 Read More
-
UK Proposes Post-Brexit Data Laws to Boost Innovation
PRIVACY PRIVACY Proposals designed to unlock businesses’ ability to use data and clamp down on nuisance calls and cookie pop-ups Read More
-
Heineken giving away free beer for Father’s Day? It’s a WhatsApp scam
PRIVACY PRIVACY With Father’s Day falling this weekend in the United States and UK, more people might be more willing than normal to believe the latest scam to be spreading via WhatsApp is true. But I’m afraid it isn’t. Sorry dads, Heineken isn’t giving away free coolers of beer. Read more in my article on…